Beginner's Guide for WordPress / Start your WordPress Blog in minutes

How to Add Free SSL in WordPress with Let’s Encrypt

When we first covered how to add SSL in WordPress, a lot of our readers asked for a free SSL solution.

Unfortunately, nothing existed at that time. However, that has changed now, thanks to Let’s Encrypt.

In this article, we will show you how to add free SSL in WordPress with Let’s Encrypt.

Adding a Free SSL Certificate in WordPress with Let’s Encrypt

What Is SSL and Let’s Encrypt?

Every internet user shares lots of personal information each day. We do that when shopping online, creating accounts, signing into different websites, and more.

If not properly encrypted, then this information can be spied upon and stolen. This is where SSL comes in. It provides the encryption technology to secure the connection between a user’s browser and the web server.

Each site is issued a unique SSL certificate for identification purposes. If a server is pretending to be on HTTPS, and its certificate doesn’t match, then most modern browsers will warn the user from connecting to the site.

Insecure connection

Previously, the only way to secure sites with SSL was by using a paid SSL certificate.

Let’s Encrypt is a free open certificate authority that aims to provide SSL certificates for the general public. It is a project of the Internet Research Group, a public service corporation. Let’s Encrypt is sponsored by many companies, including Google, Facebook, Sucuri, Mozilla, Cisco, and more.

Let's Encrypt

Having said that, let’s take a look at how you can add a free SSL certificate to your WordPress site with Let’s Encrypt.

Easy Way – Using a Host That Offers Built-in Free SSL

As Let’s Encrypt became more popular, many WordPress hosting companies started offering built-in, easy SSL setup.

The easiest way to add Let’s Encrypt free SSL to WordPress is by signing up with a hosting company that offers a built-in integration.

We will cover a few methods using different hosting providers in this article. You can use the links below to jump to the section you are most interested in:

Setting Up Free SSL With Let’s Encrypt on Bluehost

Bluehost is rated #1 in web hosting for small businesses, and they are officially recommended by themselves.

On top of that, WPBeginner readers can use our Bluehost coupon to save up to 73% off hosting plans, which include a free SSL certificate.

Setting up your free SSL certificate with Bluehost is easy. To get started, log in to your Bluehost control panel and click on the ‘My Sites’ tab in the menu on the left.

Then, locate the website you want to activate the free SSL for and click the ‘Manage site’ button.

Click on Manage Site button from the Bluehost dashboard

Next, click on the ‘Security’ tab.

From there, simply navigate to the ‘SSL Certificate: Let’s Encrypt’ section and toggle the switch to the ‘On’ position.

Toggle free Let's Encrypt SSL to the ON position

Once you’ve turned on SSL, it may take a few hours to install and activate. In some cases, Bluehost will send you an email with further instructions to complete the process.

That’s it. You’ve successfully added the free Let’s Encrypt SSL to your website.

However, your WordPress site is not yet ready to use it. First, you will need to update your WordPress URLs and then fix the insecure content issues.

Don’t worry, we will show you how to do that. Skip to the section on updating URLs and fixing insecure content issues.

Setting Up Free SSL With Let’s Encrypt on SiteGround

SiteGround is one of the most trusted and well-known hosting companies offering built-in integration of free SSL.

They automatically issue a free Let’s Encrypt SSL certificate for every website that’s created on the platform. It may take up to 72 hours after your domain has been registered for your SSL to be issued.

To check if your SSL certificate has been successfully issued, you can go to Site Tools » Security » SSL Manager from your SiteGround dashboard.

In the ‘Manage SSL’ table, you’ll see ‘Active’ under the Status column if the SSL certificate has been issued for your domain.

Check if your free SSL certificate is issued in SiteGround

If your SSL certificate has not been issued after 72 hours, you can also enable it manually. Here is how to enable Let’s Encrypt free SSL in SiteGround.

Simply go to Site Tools » Security » SSL Manager from your SiteGround dashboard.

Under the ‘Install New SSL’ section, you will need to select the domain name where you want to use the free SSL and then choose ‘Let’s Encrypt’ from the dropdown menu.

Install free Let's Encrypt SSL in SiteGround

You can now click on the ‘Get’ button. Let’s Encrypt will issue a unique SSL certificate for your website.

That’s all. You have successfully integrated Let’s Encrypt free SSL to your WordPress site.

Next, you’ll need to complete the process by updating WordPress URLs and fixing the insecure content issue. Jump to the section, updating WordPress URLs after setting up SSL.

Setting Up Free SSL With Let’s Encrypt on DreamHost

DreamHost is another popular WordPress hosting service provider that offers built-in integration to set up free SSL on any of your domains hosted with them.

First, you need to log in to your DreamHost dashboard. Under the Websites section, you need to click on the ‘Secure Certificates’ option.

Then, under the ‘Let’s Encrypt SSL Certificate’ section, click on the ‘Select this Certificate’ button.

Add free Let's Encrypt SSL in Dreamhost

DreamHost will now start setting up your free SSL certificate with Let’s Encrypt. It may take up to 15 minutes for the SSL changes to be pushed to the server.

That’s it. You have successfully added a free SSL certificate with Let’s Encrypt to your WordPress site on DreamHost.

You still need to update WordPress URLs and fix the insecure content issue. Jump to the section, updating WordPress URLs after setting up SSL.

Installing Let’s Encrypt Free SSL on Other Web Hosts

The Let’s Encrypt free SSL is a domain-based SSL certificate. This means that if you have a domain name, then you can add it to any web host.

However, if your web host does not offer an easy integration like Bluehost, SiteGround, or DreamHost, then you will need to go through a somewhat lengthy procedure.

This procedure differs from one web host to another. Most hosting companies have a support document explaining how to do that. You can also contact their support staff for detailed instructions.

Bluehost, one of the official WordPress hosting providers, allows you to add other third-party SSL certificates to the domains hosted with them. For detailed instructions, take a look at their SSL installation of 3rd party certificate page.

Updating WordPress URLs After Setting Up SSL

After setting up the free SSL certificate with Let’s Encrypt, the next step is to move your WordPress URL from HTTP to HTTPS.

A normal site without an SSL certificate uses HTTP protocol. This is usually highlighted with http prefix in web addresses like this:

Secure websites with SSL certificates use HTTPS protocol. This means that their addresses look like this:

Without changing the URLs in your WordPress site, you will not be using SSL, and your site will not be secure for collecting sensitive data.

Having said that, let’s see how to move WordPress URLs from http to https:

For Brand New WordPress Website

If you are working on a brand new WordPress website, then you can just go to your WordPress admin area and click on Settings. There, you will need to update the WordPress URL and Site URL fields to use https.

Setting up WordPress to use HTTPS in URLs for a new website

Don’t forget to save your changes.

For Existing WordPress Sites

If your site has been live for a while, then chances are that it is indexed by search engines. Other people may have linked to it using http in the URL. You need to make sure that all traffic is redirected to the https URL.

The first thing you need to do is install and activate the Really Simple SSL plugin. For more details, see our step-by-step guide on how to install a WordPress plugin.

The plugin will automatically detect your SSL certificate and set up your website to use it. In most cases, you will not have to make any more changes. The plugin will also fix insecure content issues.

Update Google Analytics Settings

If you have Google Analytics installed on your WordPress site, then you need to update its settings and add your new URL with https.

Login to your Google Analytics dashboard and click on ‘Admin’ from the navigation menu on the left. Next, you need to click on Property Settings » Data collection and modifications » Data streams from the menu.

Select data stream in Google Analytics

Click the arrow next to your website data stream to expand it.

After that, click on the Edit button (pencil icon) to edit the stream.

Edit your data stream

This will open the stream details that you can change.

Click on the http dropdown menu, and then select https.

Select https

Don’t forget to click on the ‘Save’ button to store your settings.

We hope this article helped you add Free SSL in WordPress with Let’s Encrypt. You may also want to see our list of useful tools to manage and grow your WordPress blog or our tutorial on how to get a free email domain.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

Disclosure: Our content is reader-supported. This means if you click on some of our links, then we may earn a commission. See how WPBeginner is funded, why it matters, and how you can support us. Here's our editorial process.

The Ultimate WordPress Toolkit

Get FREE access to our toolkit - a collection of WordPress related products and resources that every professional should have!

Reader Interactions

69 CommentsLeave a Reply

  1. Hey WPBeginner readers,
    Did you know you can win exciting prizes by commenting on WPBeginner?
    Every month, our top blog commenters will win HUGE rewards, including premium WordPress plugin licenses and cash prizes.
    You can get more details about the contest from here.
    Start sharing your thoughts below to stand a chance to win!

  2. My website is hosted on the shared hosting. How can i install Let’s Encrypt SSL on my website?

    • You would need to check with your specific hosting provider for the specifics allowed.


  3. Thanks for this great article. I have Go Daddy and my site is now secure. The Let’s Encrypt SSL certificate expires in 90 days. Do I need to “renew” the certificate every 90 days? If so, can I just press the “renew” link or must I go through all the steps required to install the certificate? Thanks so much!

  4. Hi there, I could migrate my brand new page to https with no problems with your method, but when I tried to do it for my older page it didn’t work. I couldn’t log in into my dashboard, do you know what could be happening? I did everything as you said.
    Many thanks!

    • Hi Jorgelina,

      You probably meant website when you said page. It is harder for us to guess what may have gone wrong. Try undoing the steps you took and then try again.


  5. Hi,

    Using Let’s Encrypt or Cloudflare SSL, which is better? and what is the difference.

    Please advise.

  6. Hi Syed ..thanks for this great article. I learned a clear idea about SSL and the importance of https. I already installed SSL to my website. It really help me to get higher ranking on google SERP. Previously I knew SSL certificate is paid. But now it’s getting free on Let’s Encrypt. Lot of thanks to you for written this valuable post

  7. How should you change your CloudFlare settings after installing Let’s Encrypt certificate and switching your site over HTTPS? I refer expecially to the “Crypto” tab.

  8. Hello, i just activated the SSL by SIteGround (enforcing https), and i can see it working but with the warning “Your connection to this site is not secure”.. is this normal?

    • Hi Serouj,

      No, your site is not secure yet. Please follow the instructions in the article, or ask your hosting provider for support. They will be able to fix it for you or point you in the right direction.


  9. After switching to https through SiteGround everything was fine excepted that I lost my social shares. Can you make a tutorial to get them back. (I used SumoMe social sharing plugin. )

  10. I’ve migrated, performed 301 redirect, and changed the url to https:// in Google analytics. But now, how will I choose my preferred domain in search console? It keeps telling me to verify ownership of the www but it doesn’t show me how to verify it. Can you help me?

  11. i migrated from http to https still it is shwoing insafe and its redirecting to another country website whats the issue? Please now im unable to login to my wordpress can u please help me?

  12. Can you let me know how to do it in HostGator? I have checked before but seems like there are some pending issues with the hosting provider and under consideration.

  13. thx for the infos guys!
    I love this blog and it helped me alot.
    I´m using Really simple SSL with the shared SSL I got from my hoster. The problem is that the redirection from http to https works fine just on the homepag. Other pages dont redirect. and The RSSSL plugin is updating every second day but not solving the problem. Any sollution for this problem?

  14. thanks! I’ve been looking for this integration for hours and even thou my host offers let’s encrypt support, it doesn’t offer documentation on how to implement it.

  15. Awesome article! Just switched about 60 sites to siteground and couldn’t be happier. Finding out about and using Let’s Encrypt with the SSL plugin is like the icing on the cake!

    thanks again!

  16. OK, I’m trying to get my head around this. I will still need a dedicated IP Bluehost and then I can install the free SSL by Let’s Encrypt? And, this would be a better option than the free SSL from BH, right?

    I am going to be developing an ecomm site for fitness apparel and gear.

  17. I installed letsencryprt on an Ubuntu 16.04 LAMP server via the shell. All the WordPress files are white screen. I tested the site in QUALSYS, which checked out. I set up an hml test page in the root difectory that works with https. It’s just the WP pages.

    I am thinking that I need to do some configuration in the default-ssl.conf file, though my attemot at that managed to break the white screen and make the site disappear. Any thought?

  18. I have reached to a wp plugin WP Encrypt to setup lets encrypt on WordPress site. Please guide me if it is worth installing for free SSL by lets encrypt

  19. This has created a nightmare for me.

    On my local dev site (I use MAMP) I used the dashboard – settings – general to change the URL’s from “http” to “https”. As soon as I saved the change I got a message saying localhost refused connection. I can’t log in to the dash board to change the url back – I get the same message and the address in the bar is https://localhost/mysite/.

    I have tried fiddling with the wp-login.php to not force SSL, to no avail.

    It’s a horrible catch 22. Any ideas how I can get out of this problem?

    • Hi Ian,

      You can revert back your site urls to http by following these steps.

      Go to /Applications/Mamp/htdocs folder on your computer. Locate your WordPress installation (propbably in mysite folder) and then go to /wp-content/themes/your-current-theme/ folder. Replace your-current-theme with the directory of the theme you were using on your website. In your theme folder you need to edit functions.php file.

      Add this code in your functions.php file at the end.

      define( 'WP_HOME', 'http:/localhost/mysite' );
      define( 'WP_SITEURL', 'http://localhost/mysite' );

      Save changes and try accessing your website on http://localhost/mysite


  20. Hi Syed. I tried to install this certificate multiple times after activating the Really Simple SSL Plugin but it kept breaking my site and returning an Error 500. I do not understand how to create the certificate using the letsencrypt website so I used this site instead and then installed manually on my site. My hosts told me I can install SSL even though am on shared hosting. What could be the problem?

      • Thank you. I did the same and I found about two to three plugins that caused my site to fail. Despite that, the SSL breaks the CSS for my site. I had to remove it entirely and just stay without SSL.

  21. Any tips for someone who is self hosting? I’m hosting my small website running in wordpress in a raspberry pi on a LAMP environment.

  22. Great article, I just activated the ssl in the hosting panel then install the plugin, no more configuration. Thank you.

  23. Thanks for the tutorial! May I ask, once I have activated ssl on my domain do i need to update the sitemap of the site on google webmaster tools?


  24. Hello,

    Very nice article, thank you!

    I was wondering how to implement Let’s Encrypt only in certain pages (Woocommerce and contact pages for example).


  25. I’m really glad about what Let’s Encrypt is doing; making encryption easily accessible to everyone is really awesome. Good to see web hosts implementing it for their customers also. My host, StackPress, is among those hosts who now offer Let’s Encrypt and I’m pretty stoked about it.

  26. I am relatively new to WordPress so I have read a lot on WPBeginner. I’m starting a new website and want to use SSL from the start – that’s how I came across this article. My Belgian hosting company does not provide an automated way to install Let’s Encrypt, but it does allow me to install my own SSL without having to buy/install the certificate through them.
    In your article you write “Updating WordPress URLs After Setting up SSL – After setting up the Free SSL certificate with Let’s Encrypt” but you don’t write how this process is actually done manually (unless I have missed it completely!). On the Let’s Encrypt website on their “Getting Started” webpage they refer to the installation of “Certbot” for this purpose, and then it all becomes as good as Chinese for me…
    The link imbedded in your text, “After setting up the Free SSL certificate with Let’s Encrypt,” just sent me off to a GoDaddy promo for webhosting, whereas I expected it was going to refer to a useful text explaining how to get a free SSL certificate from Let’s Encrypt.
    I was hoping that your article would tell people who’s host do not automate the Let’s Encrypt installation how to complete this themselves, but after getting to the end of your article, I am (and surely many others) are left without the info we were hoping for.

    • Please look at the section ‘Installing Let’s Encrypt Free SSL on Other Web Hosts’. We have given example of BlueHost, a web hosting company that does not offer easy tools to automatically setup Let’s Encrypt. But they do have a page on how to setup 3rd party SSL certificates. You can also ask your web hosting company to help you setup SSL.


      • I’m sorry I didn’t mention that I had also read the BlueHost link. In the info BlueHost provide they say, “Provide the CSR to the SSL vendor of your choice. They will exchange it for a CRT file.” I’ve already created a CSR that is ready to be forwarded to a 3rd party for a SSL certificate and I’d like to use Let’s Encrypt for this. But nowhere on the Let’s Encrypt website can I find a way to submit my CSR. They have a support page, but this is full of technical questions and answers, I found nothing that says how to obtain a SSL certificate from Let’s Encrypt using a CSR. Other (paid) SSL certificate providers have a simple and obvious way of letting you submit your CSR to get a SSL cert. in return.

        • I have personally tried installing Let’s Encrypt on Bluehost, but failed. I talked with the customer support and they told me that they do not support Let’s Encrypt certificates. And he referred me to get a paid one. Their shared hosting sucks these days.

  27. Dreamhost told me I can’t use Let’s Encrypt and CloudFlare at the same time. I therefore signed up for Cloudflare outside of Dreamhost because they offer free encryption of their own…somehow. I can’t figure out how to get a certificate created and put on my site and Dreamhost isn’t helping since it’s a Cloudflare product. Cloudflare isn’t helping cause it’s a free plan. I’m wondering if anyone has any simple insights into this?

    Have a great day in The Matrix!

    • Cloudflare doesn’t support HTTPS for free plans. So you need a premium Cloudflare account if you want to use SSL.

      • Hi,

        Maybe you’re right but they say they do and the options to turn it on are right there for me to choose ranging from strict to self signed…

  28. A very good information. Please help me to add ssl to my website, i am using Godaddy shared hosting, could anyone help to add Let’s Encrypt SSL To my site.

  29. Hello Syed! Great tutorial. I just want to ask when this error occurs whether its the time when user buys, login to website or every time if web does not have a ssl certificate. For example, my web don’t offer login, shopping system so do i need a ssl certificate. Whether this error will appear or not??

  30. I have a WordPress site running on InMotion hosting. I contacted them today and they basically told me that I’m free to install it but that they won’t offer any support or help doing it. Has anyone set up Let’s Encrypt for a InMotion WP site? I made it to the SSL/TLS manager in my cPanel but had no idea what to do from there. Any help would be appreciated. Thank you.

  31. Hello Syed,
    Thanks for the article. Very interesting since I recently joined Siteground and of course had Let’s Encrypt installed. Works great on pc, but …. is untrusted on mobile devices. Have you heard about this phenomenon or could it be a Siteground problem (configuration of their webservers)?

    • It is not problem of Siteground.
      Letsencrypt SSL is not trusted on most of the mobile device browsers

    • This issue may have been fixed. Have have a let’s encrypt cert and it is working on both desktop and mobile using woocommerce. At least on the iphone safari browser. It is interesting though because you have tap into the address to see the https as it does not show in the normal address.

  32. Thanks for this great post and the step by step instructions! I had previously purchased a certificate but didn’t take the right steps to get is installed properly. Your post helped me get everything in order!

    I also have the same question as Tasos: Do we uninstall the Really Simple SSL plugin after everything is all set, or does it need to remain running?

    Thanks for all your educational efforts!

    • If you set the site url and and homepage url with https then WordPress will automatically redirect visitors, updating you webmaster tool is also a good idea.

  33. Thanks a lot for this article. I have a question though. I read somewhere enabling SSL will affect the adsense income? Is it true?

    • Honestly don’t see why it would impact your Adsense revenue. We have heard that some folks reported their traffic dropping after they switched to SSL but that’s mainly because Google needs some time to re-index everything.


  34. It’s great to see SiteGround is constantly innovating their web hosting services. I have multiple customers who I’ve placed on SiteGround and never looked back. Adding the free SSL certificate is an interesting service. Does the certificate come with standard web hosting? Is the certificate a premium option? Either way, the tutorial was extremely helpful! Especially with Google factoring in websites with http vs. https.

  35. Hi , thanks for this information.One question

    After we successfully install the Let’s Encrypt and the Really Simple SSL plugins and we finish with the process of renaming the URL to https can we then remove those plugins from the WordPress dashboard?..

    Or do we have to keep them installed and running?

    Kind regards

  36. Hi Guys
    This looks pretty good and with Google favouring SSL sites it is certainly something that I will be looking into.

    I’ll send my host a link to this article and see if they are using it via CPanel.

  37. Great timelyarticle Wpbeginner!

    I am just getting into the world off SSL certificates and this tutorial has given me a great starting place.



  38. Great job Syed! I’ve paid for certificates but was unable to give all my sites the https secure domain ability until now. Good timing as well because of the increased security threats everywhere on the net.

    Keep up the good work!


Leave A Reply

Thanks for choosing to leave a comment. Please keep in mind that all comments are moderated according to our comment policy, and your email address will NOT be published. Please Do NOT use keywords in the name field. Let's have a personal and meaningful conversation.